Receiving HTML code in response to my token request - docusignapi

Using this info:
https://account-d.docusign.com/restapi/v2/oauth/token
Content-Type: application/application/x-www-form-urlencoded
Authorization: Basic xxxx
Note: (xxxx is my integrator_id:secret_key base 64 encoded, i didnt want to post the value publicly)
I do a post call using the following params in the body:
grant_type: 'authorization_code',
code: '{The code returned from the /oauth/auth call}'
Instead of getting a json response, I get an HTML response that I can't seem to post in this message, because its too large.
I am completely stuck and can't finish my project because of this problem.

I think you are using wrong host in calling the /oauth/token, you need to call
https://account-d.docusign.com/oauth/token for Demo and
https://account.docusign.com/oauth/token for PROD
You should not call demo.docusign.net or www.docusign.com, these hosts are for rest of the API calls but not for OAUTH.

Related

Python Requests to Forge API - 401 Response "Authorization failed"

def get_token():
headers = {'Content-Type': 'application/x-www-form-urlencoded'}
data = {'client_id': 'XXX', 'client_secret': 'XXX', 'grant_type': 'client_credentials', 'scope': 'data:read'}
response = requests.post('https://developer.api.autodesk.com/authentication/v1/authenticate', headers=headers, data=data)
return response.json()['access_token']
print('Bearer ' + get_token())
response_form_templates = requests.get('https://developer.api.autodesk.com/construction/forms/v1/projects/:projectId/form-templates', headers={'Authorization': 'Bearer ' + get_token()})
print(response_form_templates.json())
print(response_form_templates)
I'm trying to use python requests to simply get back the form-templates and all I'm getting back is a 401 response and a message saying "Authorization failed". The few print statements in there are from my trying to debug what's going wrong, but with my client_id and client_secret in there, it gives me those errors.
Any idea as to what could be wrong would be really helpful, thanks.
Btw. we don't have an official Forge SDK for Python yet but there's a simple, unofficial one here: https://github.com/petrbroz/forge-sdk-python that you could perhaps use as a reference when building the HTTP requests yourself. For example, here's how the SDK retrieves the 2-legged access token: https://github.com/petrbroz/forge-sdk-python/blob/develop/src/autodesk_forge_sdk/auth.py#L147-L178.
You are using a 2-legged token instead of a 3-legged token. As you can see from the image below, you require a 3-legged token when you want to retrieve form templates.
Use this link and see how you can get a 3-legged token.

Having trouble with Oauth2 and Postman

I am attempting to use postman with imgur api I used the 'open with postman' button at the top of the documentation page and tried to obtain a token with the default populated settings for callback authorization and token url's and I get a popup window with:
{"data":{"error":"redirect_uri_mismatch","request":"/oauth2/authorize","method":"GET"},"success":false,"status":400}
I am hoping this is a simple thing as i am pretty new to api's.
`Further info:
callback url: https://www.getpostman.com/oauth2/callback,
auth url: https://api.imgur.com/oauth2/authorize,
Access Token url: https://api.imgur.com/oauth2/token,
no Scope,
no State ,
Client authentication: send as basic header
`
I've got the same problem but I fixed it.
See if your callback URL in Postman is the same as your Redirect in Imgur (You can always edit it in Imgur) https://imgur.com/account/settings/apps.
Also, make sure that there is no comma at the end in the callback URL in Postman (That was my mistake). Everything else looks fine but just in case I'll show you what I have.
Postman:
Get -> https://api.imgur.com/3/account/me/images
Callback URL: https://www.getpostman.com/oauth2/callback
Auth URL: https://api.imgur.com/oauth2/authorize
Access Token URL: https://api.imgur.com/oauth2/token
Scope, State: Empty
Client Authentication: Send as Basic Auth header

How to upload video from the API imgur

I'm using imgur API and I have several question, what is the size limit for uploading a .gif ? I read everywhere the size limit of picture is 10Mb and gif are 20Mb but when I try to upload a gif of 11Mb with the API it tells me it's too heavy.
Also Im trying to upload a video (.mp4 , 6,9Mb) and I use the following request with postman
https://api.imgur.com/3/image?client_id={myclientid}
and in the body
video={mavideo.mp4}
but it return me a success with no information
{
"data": {
"errorCode": null,
"ticket": "90c70cdc"
},
"success": true,
"status": 200
}
I have followed the api documentation to make this request
Thank you.
EDIT:
Ok it work if I'm using
https://api.imgur.com/3/upload in postman but when I try to use it with ajax like this
if (fileExtension == "mp4" || fileExtension == "webm"){
form.append('video', file);
} else {
form.append('img', file);
}
$.ajax({
url: 'https://api.imgur.com/3/upload',
headers: {
Authorization: "Client-ID " + ClientId },
type: 'POST',
data: form,
cache: false,
contentType: false,
processData: false
})
I have got the message Access to XMLHttpRequest at 'https://api.imgur.com/3/upload' from origin 'http://localhost:3010' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
What is wrong ?
Not really an answer, but we both seem to be trying to get this working at the same time, so i will share what i found out.
As you seem to have found out also, there are 2 endpoints for uploading, /image and /upload.
When uploading video, /image returns a ticket id. This is probably meant to get the state of the queued processing. There is however no endpoint available where you can send the ticket id and get the state back.
Second endpont, /upload has however another bunch of issues.
While it does return a more useable object with image id and url, it seems to completely ignore the authorization header. Any image that i managed to upload this way has null for the uploaded user, and i don't see it in my account. (using oauth2 and sending Authorization: Bearer <token>) Even if i omit the header completely, it still works even though Authorization is mandatory for uploading.
Another weird thing is, if i don't send the auth header BUT add anything to the query params (so ?some=thing or whatever) it suddenly wakes up and starts requiring the authorization header. When i send it again at this point however, we are back at the beginning and even the /upload endpoint starts sending ticket id and not a reasonable response.
This is a CORS issue and needs to be fixed by the imgur devs. It's only an issue when doing client-side JavaScript as curl works just fine:
echo 'R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7' | base64 --decode | curl --location --request POST 'https://api.imgur.com/3/upload' --header "Authorization: Client-ID $CLIENT_ID" -F 'type=file' -F 'disable_audio=0' -F 'image=#-'

Not getting auth headers when setting axios default

I am trying to send an auth header along with an axios POST request from inside a Vue application. I currently am getting a 401 from my back end with an auth header that works when I do a curl.
I've tried splitting it up into variables and putting it in but that did not work and resulted in the same error (401).
This is just the axios code I am trying to get to work. I have checked with console.log and all values I am trying to send exist, though I don't know how to check the axios headers before sending.
axios.defaults.headers.common["Authorization"] = JWTtoken;
axios.post(updateURL, {
token: result.token
});
The backend code can't be changed easily for testing so need to figure out why not sending from the front end
I'd like it to send the correct header along with my request so I don't get a 401 status code.
I think you need this..
axios.defaults.headers.common["Authorization"] = "Bearer " + JWTtoken;
axios.post(updateURL, {
token: result.token
});
Notice that I add Bearer in the Authorization. It is how JWT was meant to be used according to their introduction.
However, if the answer is wrong. Help us by providing more information about your response in Developer Console as #RuChernChong suggest. Any error logs would be helpful as well.
Another way by using Axios globals to set for example X-Auth-Token encoding from JWT.io directly like this:
axios.defaults.headers.common["X-Auth-Token"] = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";

DocuSign invalid_grant error

Code Received by Get URL below:
https://account-d.docusign.com/oauth/auth?response_type=code&scope=signature&client_id=1590cb04-f976-4b54-897d-157f5a711ed0&state=x39pm23rtf23&redirect_uri=https://dev.coplsaas.com.au/brokerdev/webservice/whservice/getdscode
then used received code in POST request to access token with below request
POST /oauth/token HTTP/1.1
HOST: account-d.docusign.com
authorization: Basic MTU5MGNiMDQtZjk3Ni00YjU0LTg5N2QtMTU3ZjVhNzExZWQwOmQxNmY4MWM0LTI5OTktNGMwOC04M2E0LTBiNWZkMGQ0NWFmMA==
content-type: application/x-www-form-urlencoded
cookie: __RequestVerificationToken=ARd6NkNlsuk_YG75ReDu9eQB0; __RequestVerificationToken_L01l0=AbHSxThtrkGESzjnwo0t1c4B0; mest=eyJ0eXAiOiJNVCIsImFsZyI6IkhTMjU2Iiwia2lkIjoiZWUyMDVlYjctYWJiMS00MmRiLTlmNjktZWFmMTg3ZThjZTczIn0.AQcAAAABAAIAAgDOEodJwVSyT4aBM16dnM1UDQAkAAAAYTFiODA4ZDktNGRhNi00ODM0LTgzOTItNGY0OWI2MDZmYTQ3FQABAAAAEgACAAAAAwAAAHRzdgsAAABpbnRlcmFjdGl2ZTAAgGs6FN6p1UgIAAAqazTgqdVI.XdbTt-fuOvAGJZ068I9T9GvA6YhmeW3Uv4RfhZPzoOA
content-length: 656
grant_type=authorization_code&code=eyJ0eXAiOiJNVCIsImFsZyI6IlJTMjU2Iiwia2lkIjoiNjgxODVmZjEtNGU1MS00Y2U5LWFmMWMtNjg5ODEyMjAzMzE3In0.AQkAAAABAAYABwCAcToxpqrVSAgAgP3AeKaq1UgCAM4Sh0nBVLJPhoEzXp2czVQVAAEAAAAYAAEAAAAFAAAADQAkAAAAMTU5MGNiMDQtZjk3Ni00YjU0LTg5N2QtMTU3ZjVhNzExZWQwMACAcToxpqrVSBIAAQAAAAsAAABpbnRlcmFjdGl2ZQ.KCF4tKuyh2AhA_H2FGh5ps89lT82go376xigC_lvtE6W20FonRRsiWM8CL6Bie8iS7miorenX9nVaAP-We4qKjmP1vBwp_yMujltr46Oq8Bt43l2acTgIh0Ne9yUf2C5ER1CF0nY1lusdS_UrgbEDoR_ZuDm2yuDtF2CPJtSMxjuZjEm9pgGOr7jQOCuTcwQLJA0OpmP1Dth7yzodkt50bh3Tfk3M4LxQ-xOMo_VnBTsxW_Ybu29R7ACV1nUdXMabrJQ-qtddRNULQXvXCD-ynpHu6GU0CwzRNeph6YhfRgbdB4ptWkb6XWcG3gkCpx8yaxn7glt58OjkQDi2v8Abw
but facing error below:
{
"error": "invalid_grant"
}
Please help. Thanks in advance.
Code returned by DocuSign after login is one time use and valid for 300 seconds. So I hope your callback URL - https://dev.coplsaas.com.au/brokerdev/webservice/whservice/getdscode is not using this code again and again. I was successfully able to generate AccessToken for my username with your code.

Resources